Diffstat (limited to 'install/tools/ipa-drm-install')
-rw-r--r-- | install/tools/ipa-drm-install | 65 |
1 files changed, 48 insertions, 17 deletions
diff --git a/install/tools/ipa-drm-install b/install/tools/ipa-drm-install index 2a2b2a727..b4b308d60 100644 --- a/install/tools/ipa-drm-install +++ b/install/tools/ipa-drm-install @@ -24,17 +24,21 @@ import sys from ConfigParser import SafeConfigParser, NoOptionError from ipalib import api -from ipaserver.install import drminstance -from ipaserver.install import dsinstance -from ipaserver.install import installutils from ipapython import version -from ipaserver.install.installutils import read_password from ipapython import certmonger -from ipapython.ipa_log_manager import * from ipapython import dogtag -from ipapython.config import IPAOptionParser +from ipapython import ipautil from ipapython import services as ipaservices - +from ipapython.config import IPAOptionParser +from ipapython.ipa_log_manager import * +from ipaserver.install import dogtaginstance +from ipaserver.install import drminstance +from ipaserver.install import dsinstance +from ipaserver.install import installutils +from ipaserver.install import service +from ipaserver.install.installutils import ( + read_password, read_replica_info_drm_enabled, + create_replica_config) log_file_name = "/var/log/ipa-drm-install.log" @@ -62,12 +66,15 @@ def uninstall(realm_name): def parse_options(): - usage = "%prog [options]" + usage = "%prog [options] [replica_file]" parser = IPAOptionParser(usage=usage, version=version.VERSION) parser.add_option("-d", "--debug", dest="debug", action="store_true", default=False, help="gather extra debugging information") parser.add_option("-p", "--password", dest="password", sensitive=True, help="Directory Manager (existing master) password") + parser.add_option("--no-host-dns", dest="no_host_dns", action="store_true", + default=False, + help="Do not use DNS for hostname lookup during installation") parser.add_option("-U", "--unattended", dest="unattended", action="store_true", default=False, help="unattended installation never prompts the user") 
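Review bot: The new `--no-host-dns` option in `parse_options()` is not read anywhere in the visible hunks; it only travels inside `options` to `create_replica_config(dm_password, replica_file, options)`, so on a first (non-replica) install it looks like a silent no-op. The flag presumably relaxes a hostname check, so the help string should say when it applies, e.g. `help="Do not use DNS for hostname lookup when installing from a replica file"`. Alternatively, reject the option when no replica file is given. `parse_options()` starts and ends outside this hunk, so confirm against the full function.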
@@ -79,12 +86,13 @@ def parse_options(): options, args = parser.parse_args() safe_options = parser.get_safe_opts(options) - return safe_options, options + fname = args[0] if len(args) > 0 else None + return safe_options, options, fname def main(): log_file = "/var/log/ipa-drm-install.log" - safe_options, options = parse_options() + safe_options, options, replica_file = parse_options() if os.geteuid() != 0: sys.exit("\nYou must be root to run this script.\n") @@ -103,7 +111,7 @@ def main(): " in unattended mode") dm_password = options.password or \ - read_password("Directory Manager", confirm=False) + read_password("Directory Manager", confirm=False) if dm_password is None: sys.exit("Directory Manager password required") @@ -142,8 +150,10 @@ def main(): if enable_drm is not None and enable_drm == 'True': sys.exit("DRM is already installed.") - if enable_ra is not None and enable_ra == "True" and \ - ra_plugin is not None and ra_plugin == "dogtag": + ca_installed = enable_ra is not None and enable_ra == "True" and \ + ra_plugin is not None and ra_plugin == "dogtag" + + if ca_installed: if dogtag_version is not None and dogtag_version >= 10: # correct dogtag version of CA installed pass @@ -152,6 +162,13 @@ def main(): else: sys.exit("Dogtag CA is not installed. Please install the CA first") + installing_replica = dogtaginstance.is_installing_replica("KRA") + if installing_replica: + if replica_file is None: + sys.exit("A replica file is required.") + if not ipautil.file_exists(replica_file): + sys.exit("Replica file %s does not exist" % replica_file) + # Initialize the ipalib api cfg = dict( in_server=True, 
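Review bot: `fname = args[0] if len(args) > 0 else None` in `parse_options()` silently discards any further positional arguments, so a mistyped command line, such as a value that was meant to follow `-p`, is accepted without complaint. Reject the surplus before returning: `if len(args) > 1: parser.error("too many arguments")`. Because the return tuple changed shape, a short comment on the return saying that the third element is the optional replica file path would help the next reader.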
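Review bot: In the `@@ -152,6 +162,13 @@` hunk, `replica_file` is checked only when `installing_replica` is true; when it is false, a supplied file is ignored without any message and a fresh DRM is configured instead. Add the opposite guard: `elif replica_file is not None: sys.exit("Too many arguments: no replica file is required")`. The existence test also runs only after the Directory Manager password has been read (the `@@ -103,7 +111,7 @@` hunk), so a wrong path is reported late; checking it right after `parse_options()` would fail faster. `main()` continues outside the hunk.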
@@ -164,11 +181,25 @@ def main(): print "This program will setup Dogtag DRM for the FreeIPA Server." print "" - drm = drminstance.DRMInstance(realm_name, - dogtag_constants=dogtag.install_constants) + if not installing_replica: + drm = drminstance.DRMInstance( + realm_name, + dogtag_constants=dogtag.install_constants) + + drm.configure_instance(host_name, domain_name, dm_password, + dm_password, subject_base=subject) + else: + replica_config = create_replica_config(dm_password, replica_file, options) + + if not read_replica_info_drm_enabled(replica_config.dir): + sys.exit("Either DRM is not installed on the master system or " + "your replica file is out of date") + + drm = drminstance.install_replica_drm(replica_config) + service.print_msg("Restarting the directory server") - drm.configure_instance(host_name, domain_name, dm_password, - dm_password, subject_base=subject) + ds = dsinstance.DsInstance() + ds.restart() drm.enable_client_auth_to_db(drm.dogtag_constants.DRM_CS_CFG_PATH) |
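Review bot: Nothing in this hunk removes the directory that `create_replica_config(dm_password, replica_file, options)` exposes as `replica_config.dir`, neither on the `sys.exit(...)` path of the replica branch nor on the success path. If that directory holds the unpacked replica file, presumably decrypted with the Directory Manager password and so containing key material (confirm in installutils), it should be removed in a `try`/`finally` around the replica branch. `main()` continues outside this hunk, so any later cleanup there would need to cover the early exit as well. A one-line comment above `read_replica_info_drm_enabled(replica_config.dir)` saying what the check reads would also help, since the error message merges two different causes.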